<?php
include 'include/functions.php';
//Connect To Database
dbConnect();
//check to make sure $Weeknum > 1 AND $Weeknum < 21
$Weeknum = checkWeekBounds(getWeek("NHL"));
//Write SQL Query to extract specified data
$SQL = "Select ID, NHL From Users WHERE (Username='".$uname."') AND (Password='".sha1($passwd)."') AND (flag = 1)";
//Open Record Set using SQL Query
$result = @mysql_query($SQL) or captureCritalFail("MySQL Query Error in login.php, line 10", mysql_error(), $userID."-".$uname, time(), $SQL);
$num_rows = @mysql_num_rows($result) or captureCritalFail("MySQL Query Error in login.php, line 11", mysql_error(), $userID."-".$uname, time(), $SQL);
$myrow = @mysql_fetch_array($result) or captureCritalFail("MySQL Query Error in login.php, line 12", mysql_error(), $userID."-".$uname, time(), $SQL);
if ($num_rows == 1)
{
	//set session save path
	session_save_path($session_path);
	//session_save_path('../../../private/sessions');
	// Initialize a session. 
	session_start();
						 
	// If this is a new session ...
	if (!session_is_registered("count")) 
	{
	 session_register("count", "start", "userID", "username","PlayNHL");                         
	 $count = 0;
	 $start = time();
	 $userID = $myrow["ID"];
	 $username = $uname;
	 //$MadePlayoffs = $myrow["PlayOffs"];
	 $PlayNHL = $myrow["NHL"];
	} 
	else $count++;
	$sessionId = session_id();   
	
	?>
	<SCRIPT language="JavaScript">
		<!--
		location.replace("menu.php");
		//-->
	</SCRIPT>
	<?         

}
else {
  echo "Invalid username or password.<br/>Please <a href=\"http://hockey.joshhughes.com/menu.php\">go back</a> and try again.";
}
?>
